A vulnerability was found in Filipe Nasc RD Station Plugin up to 5.6.0 on WordPress and classified as critical . This impacts an unknown function. Such manipulation leads to code injection. This vulnerability is referenced as CVE-2026-49774 . It is possible to launch the attack remotely. No exploit is available.